Traceback

Still don’t understand the hints on getting root with this box

after updating update-mol… file when i try to relogin through ssh it is asking for webadmin password any solution can’t get root password

Type your comment> @inth3WILD said:

Still don’t understand the hints on getting root with this box

Look for some processes.

Rooted. This was a fun box. Certainly learnt some useful stuff! Thank you for the box, @Xh4H . Feel free to DM me if you’re stuck

Rooted.
Root flag was funny @Xh4H :slight_smile:

Rooted.

Happy to hint if anyone needs help.

found it

Finally after some days and with the huge help of the comments on this forum this morning I was able to get the root flag (my first box btw)
But I admit that I didn’t totally understand the process.
Well, I understand what I should do, but I really don’t understand the process of finding the 0*-*****r with pspy.
Could anyone explain this to me? In particular I have two questions.
1 - how do you install pspy on the machine? Or what did you use instead?
2 - how did you know that this is the right process to modify? I mean, I read I lot of people talking about the ID, but i didn’t understand that.

Just rooted this one. nice machine :slight_smile:

Finally Solved!
The tips in this thread led me down a 4 day rabbit hole unnecessarily.
Some hints for those struggling as much as I did.

Initial Foothold: The “hacker” told you what to look for, google his name and try the different ones. Once you find the right one, a simple google search brings you back to find the cred.

User: There is a message for you to find, once you find it, don’t do what I did and spend a bunch of time learning that method. Simply do what you would normally do to change users, and find a 1 liner to solve the problem that arises. (extra hint: it wont work unless you change the lock so that your keys work)

Root: There is a file that ran when you used the right key. Tell it what to do and the next time you use your keys, it will give you what you want.

If this helped please give some respect!

Got root lol very gd puzzle had to be fast :>

rooted
It’s a simple box, i don’t like it because so like CTF.

Rooted, very fun box for a beginner like me.
Thank you Xh4H!!!

Init: You can’t be lazy enough with google
User: Enum, see what you are allowed to do, and learn a new language (at least for me)
Root: This was really fun, backups are important to not spoil the game.

PM me, if you need a nudge

Good box but it is laggy as ■■■■.

This was a nice and quick box to work on. Google-fu, history, and peas helped me to escalate my way to root.

Hi,

I can use some help with priv esc to root.

So far I have the following (I hope I don’t give too much)

I have access to the box as SA user. I have found an interesting process with accompanying files that I can write to. The problem, for example when I edit a file and execute it manually, I have Code execution (ping & shell)

Only thing that I run into now is that the process doesn’t trigger my code, logically the process only uses cp.

But now the 1 million dollar question, how to proceed from this point. Am I missing something, am I completely wrong?

So I hope someone will share the thought process with me and help me further.

User was a breeze, all you need to do is already mentioned in there. Root is a bit tricky, a quick 2 steps process. And I had to experiment with different reverse shells to get it to work. Learned a thing or two. Thanks to the author(s).

Just managed root. Have to say, not really a fan of foothold, but hey, it’s a different concept from what I’m used to and this isn’t real life anyway, so it’s whatever. Getting both user and root were interesting tricks to add to my arsenal; I was a little scared when going for root because I thought I was gonna screw up the box for everyone else, but I realized that’s not really possible. PM me with questions. Happy to help!

rooted !!
it was a wonderful machine

i was stuck in root part but i figured it out at last.

hint:
root: after writing on the changing file … just try to enter from another port. time is the key.

I got the backdoor, but don’t know where to search for user